Skip to content

Commit

Permalink
fix(secret): exclude upper case before secret for `alibaba-access-key…
Browse files Browse the repository at this point in the history 
…-id` (#5618)
  • Loading branch information
@DmitriyLewen
DmitriyLewen authored Nov 22, 2023
1 parent 65351d4 commit b1dc60b
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
2 changes: 1 addition & 1 deletion pkg/fanal/secret/builtin-rules.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -279,7 +279,7 @@ var builtinRules = []Rule{
Category: CategoryAlibaba,
Title: "Alibaba AccessKey ID",
Severity: "HIGH",
Regex: MustCompile(`([^0-9a-z]|^)(?P<secret>(LTAI)(?i)[a-z0-9]{20})([^0-9a-z]|$)`),
Regex: MustCompile(`([^0-9A-Za-z]|^)(?P<secret>(LTAI)(?i)[a-z0-9]{20})([^0-9A-Za-z]|$)`),
SecretGroupName: "secret",
Keywords: []string{"LTAI"},
},
Expand Down
5 changes: 4 additions & 1 deletion pkg/fanal/secret/testdata/alibaba-access-key-id.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
key : LTAI1234567890ABCDEFG123asd
key = LTAI1234567890ABCDEFG123,
asdLTAI1234567890ABCDEFG123
asdLTAI1234567890ABCDEFG123
asDLTAI1234567890ABCDEFG123
as1LTAI1234567890ABCDEFG123
key : LTAI1234567890ABCDEFG123Asd

0 comments on commit b1dc60b

Please sign in to comment.